A prolific credit-card theft ring is scanning for unsecured "buckets" in Amazon's cloud and has compromised 17,000 domains (so far)

Magecart is the hacker gang that pulled off the British Airways and Ticketmaster credit-card heists; now they've build an Amazon cloud scanner that systematically probes S3 storage "buckets" for configuration errors that allow them to overwrite any Javascript files they find with credit-card stealing malware. Read the rest

Structural Separation: antitrust's tried-and-true weapon for monopolists who bottleneck markets

Back in 2017, a law student named Lena Khan made waves in policy circles with the publication of her massive, brilliant, game-changing 24,000-word article in the Yale Law Journal, Amazon's Antitrust Paradox, which revisited the entirety of post-Ronald-Reagan antitrust orthodoxy to show how it had allowed Amazon to become a brutal, harmful monopoly without any consequences from the regulators charged with ensuring competition in our markets. Read the rest

Security chips have not reduced US credit-card fraud

The US credit card industry was a very late adopter of security chips, lagging the EU by a decade or so; when they did roll out chips, it was a shambolic affair, with many payment terminals still not using the chips, and almost no terminals requiring a PIN (and some require a PIN and a signature, giving rise to the curiously American security protocol of chip-and-PIN-and-swipe-and-sign). Read the rest

Ticketmaster stung by undercover journalists, who reveal that the company deliberately enables scalpers and rips off artists

Even in this era, dominated by vertically and horizontally dominant monopolists, few companies are as chronically dirty and corrupt as Ticketmaster (previously), whose parent company, Livenation, is the world's largest concert promoter. Controlling promotion and ticketing is a one-two punch for a monopolist: Livenation's rival promoters still inevitably end up selling tickets through Ticketmaster, enriching their biggest competitor. Read the rest

TicketMaster UK: 'malicious software' may have allowed thieves to steal customer data

Ticketmaster UK today admitted that an unknown number of customers' data may have been stolen in a malware attack. Read the rest

Ticketmaster finds a new way to be terrible: facial recognition!

Comcast may be the most hated company in America, but Ticketmaster has sure given it a run for its money, through a combination of monopolism, rent-seeking, shady dealing with scalpers and total indifference to its customers and the entertainers it nominally serves, but as bad as it is, there's still plenty of innovative ways for it to get worse. Read the rest

Google: we're not involved in Adblock Plus's ad network

Adblock Plus, an adblocking plugin recently unveiled as a trojan horse for a new ad network, claimed Google and AppNexus were among its partners. This is not so, according to Google and AppNexus. Read the rest

Proposed redesign of Ticketmaster's ugly and confusing tickets

After working as a volunteer usher, Matthew Lew reimagined Ticketmaster's hard-to-read tickets. His ticket stripped out the redundant info, made the seating information clear, added an anti-counterfeiting strip, and is the size of a business card so it fits in a wallet without folding.

Dear Ticketmaster: It is time to redesign the master of all tickets Read the rest

Make American Express Membership Rewards Your Social Currency

Everything we do these days seems to revolve around a social network. American Express Membership Rewards is getting in on the act with an updated points program that will really give your friends on Facebook something to "Like." You'd think a rewards program that's been around 20 years would be set it in its ways, but not American Express. Membership Rewards points are your currency for real-life social connections with friends and family. Don't just tweet about life--get out there and enjoy it with products and experiences for which you can use your points! Read the rest

Erykah Badu's new album is out today (release party in LA tonight)

New Amerykah Part II: Return of the Ankh, Erykah Badu's new album, is out today. It's fantastic. Her record release party is in LA tonight (tickets: El Rey or Ticketmaster), and I'll be there. Excited about catching DJ Nobody's set, too. Look at that lovely poster, after the jump. Who says flyer art is dead? (thanks, Richard Metzger + Tara McGinley) Read the rest

Amanda Palmer on why she's not ashamed to ask her listeners for money

A reader writes, "Amanda Palmer of Dresden Dolls, etc., passionately rants about artists' fear of asking fans to support them directly, and the evolution of new artist-fan relationships as corporate middle-men go as the dodo."

I was at a dinner with Amanda a few weeks ago and we talked about this at length. She's not only incredibly interesting on the subject, but also insightful -- and successful at it.

i can't help it: i come from a street performance background. i stood almost motionless on a box in harvard square, painted white, relinquishing my fate and income to the goodwill and honor of the passers-by.

i spent years gradually building up a tolerance to the inbuilt shame that society puts on laying your hat/tipjar on the ground and asking the public to support your art...

i did this for 5 years, and i made a living that way. dollar by dollar. hour by hour. it was hard fucking work.

and for the last 10 years, i have been working my ass off in a different way: tirelessly making music, traveling the world, connecting with people, trying to keep my balance, almost never taking a break and, frankly, not making a fortune doing it. i still struggle to pay my rent sometimes. i'm still more or less in debt from my last record. i'll lay it all out for you in another blog. it's just math.

if you think i'm going to pass up a chance to put my hat back down in front of the collected audience on my virtual sidewalk and ask them to give their hard-earned money directly to me instead of to roadrunner records, warner music group, ticketmaster, and everyone else out there who's been shamelessly raping both fan and artist for years, you're crazy.

Read the rest

Controversy over "This American Life" RSS feeds (UPDATED)

Update: Conrad, the "Unofficial American Life podcaster," clarifies the reports other readers have submitted:

I have decided to remove the Unofficial This American Life podcast at the request of TAL’s webmaster Elizabeth Meister. Contrary to posts on Boing Boing and elsewhere, Jon Udell and I did not recieve a “nastygram” or formal ceast and desist letter. Rather we received friendly emails from Ms. Meister, This American Life’s webmaster, making a request to take down the hyperlinks and RSS feeds, or she’d regrettably have to get lawyers involved. In other words, it wasn't a "cease and desist".

And Jared says,

Hello, I'm Jared, one of the people who received a request from This American Life to take down the links and podcast feed which linked to their MP3's.

Like Jon Udell, I have decided to comply with This American Life's request at this time. While I'm confident that my page and podcast feed containing links to publicly accessible MP3's, hosted on This American Life's own servers is perfectly legal (see Tickets.com v. Ticketmaster), I felt that I should honor their quaint low-tech attempts of Digital Restrictions Management.

I also want to make it clear, that I don't consider their request to be a "nastygram" or formal cease and desist as you've stated. Ms. Meister was courteous and clearly stated that she'd prefer that lawyers not be involved.

I've posted a more detailed explanation of what happened on my blog.


BoingBoing reader m@ says,

My friend Jared, techblogger Jon Udell, and apparently some others have been sent emails from the PRI radio program This American Life's webmeister requesting they halt publishing RSS podcast-feeds of TAL shows that simply link to MP3s hosted on TAL own website.

Read the rest

NYC bash 09/21: Wired + CC + Byrne + Gilberto Gil

From the Creative Commons blog, news of what sounds like a very fun event next month in New York:

On Tuesday, September 21, 2004, Wired Magazine will throw a benefit for Creative Commons featuring a concert by David Byrne (with the Tosca Strings) and Gilberto Gil. It will take place at 8PM at The Town Hall in New York City. Proceeds from the concert will go to support the non-profit efforts of Creative Commons.

Tickets are available now from Ticketmaster or, after September 1st, at the Town Hall box office. If you're in NYC and want to help support the work of the Creative Commons, come on out and enjoy a great concert.

Link Read the rest

String Cheese Incident takes on Ticketbastard

From this month's issue of Mother Jones:

How the String Cheese Incident -- five barefoot, mandolin- plucking improvisers from Boulder -- is taking on the most hated corporation in music (...)What do you call a company that has preserved its near monopoly for more than a decade despite numerous antitrust lawsuits, that charges exorbitant fees to its captive customers, whose CEO is said to revel in the fact that he "crushed" one of America's most beloved rock and roll bands when it dared to take the company on, that (for these reasons and more) is near the top of most Americans' list of companies they love to hate? Well, some people call it Ticketbastard, but Ticketmaster doesn't mind, so long as people keep calling -- and logging on and walking up to its outlets, which they did enough times last year to buy 95 million tickets, worth $4 billion, on behalf of its parent, Barry Diller's InterActiveCorp.

Link. BoingBoing reader Andrew Crocker points us another, earlier story from a local alt weekly in the band's hometown: Link. Read the rest

Simson Says: An End to Spam With SpamAssassin

SIMSON SAYS: An End to Spam With SpamAssassin Simson L. Garfinkel

(Mark's note: I've known Simson for a good many years, and have always admired his fine writing. When I was an editor at Wired, it always excited me to get one of his email pitches. He's a very interesting fellow, and the author of several books. He wrote a column for the Boston Globe called "Simson Says" from 1995-2000, now he is self-syndicating it. Boing Boing will run his columns for as long as Simson says.)

Earlier this year my email inbox was overflowing with spam --- junk email advertising everything from bolts made in China to pornographic websites. Although it seems hard to believe now, I was actually getting more than 70 pieces of spam every day. There was so much spam, in fact, that I had given up reading messages sent to an email address that I had used since 1995. And because a few business associates didn't know that I had stopped using that old email address, the decision ended up costing me thousands of dollars in missed opportunities.

Spam is not democratic: some people get hardly any, while others get tons. If you post messages to popular mailing lists or put your email address on web pages, you dramatically increase the chances that you'll get a lot of spam. You can also get a lot of spam if you simply have an email address that's predictable --- an address that a spammer might reasonably guess, like frank@aol.com. Read the rest